Volumes
The How to CISO Volumes represent guidance to CISOs at specific points in their career: at transition points, or deep diving into specific areas. Each volume is presented both as a PDF, so you can take it with you wherever you go, as well as in HTML form here.
-
How to CISO Volume 0: The Idealized CISO Job Description
Many companies are not in dire need of a CISO right now, but need to define a role for their future CISO, often including a plan to develop the…
-
How to CISO Volume 1: The First 91 Days
Ninety days is generally the grace period (or “honeymoon,” if you’d like) that a new executive has to get acclimated to a new environment. At the end of this…
-
Preview: How to CISO Volume 2: Risk Measurement
As a CISO, you’re often going to be asked to measure risk. This has a lot of different meanings, depending on who is speaking, so you’re going to have…
Handbooks
Think of Handbooks as your very own Cliff Notes on various cybersecurity topics. Whether it’s how to model your organization, thinking about zero trust or AI, or writing job descriptions, Handbooks represent your quick guide to level up your CISO skill set.
-
Handbook: Zero Trust Principles
In the 2010s, the cybersecurity community was introduced to the concept of zero trust, the idea that implicitly trusting remote systems might be a … bad idea. John Kindervagt…